Learn strategies for safeguarding application, database, and server credentials.
- Credentials are usernames and passwords. Website code often uses credentials to connect to databases, to connect to a payment processor, to access third-party APIs, or to connect to source code repositories. These credentials are valuable access keys that need to be handled securely. Don't put credentials directly inside your code. We call this hard-coding the credentials. Instead, store the credentials in a separate file, and use variables or even better constants to refer to the values. Separating configuration from the code is considered a best practice. It's also more secure. These values are still in the project, but it's easier to give special treatment to a separate credentials file. Version control systems, such as Git, SVN, and Mercurial, present unique challenges for credentials. These code management tools are often used to distribute code via shared repositories on third party services. Adding credentials to version control …
- Threat models
- Least privilege
- Defense in depth
- Validating and sanitizing input
- Credential attacks
- SQL injection
- Cross-site scripting
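
One way to give a separate credentials file the special treatment the transcript describes, as an added example that is not part of the course. The file name, the `DB_USER`/`DB_PASS` keys and the function names are assumptions, and the sample file is constructed.

```python
import json
import os
import stat
import tempfile
from pathlib import Path
from types import MappingProxyType

REQUIRED_KEYS = ("DB_USER", "DB_PASS")  # assumed key names, not from the course


class CredentialFileError(Exception):
    """The credentials file is missing, too widely accessible, or incomplete."""


def load_credentials(path, required=REQUIRED_KEYS):
    """Load credentials from a separate JSON file as a read-only mapping."""
    p = Path(path)
    try:
        mode = p.stat().st_mode
    except FileNotFoundError:
        raise CredentialFileError(f"{p} not found") from None
    # Special treatment for the separate file: on POSIX, refuse to use it
    # while group or other users have any access to it.
    if os.name == "posix" and mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise CredentialFileError(f"{p} is accessible beyond its owner (chmod 600)")
    data = json.loads(p.read_text(encoding="utf-8"))
    if not isinstance(data, dict):
        raise CredentialFileError(f"{p} must contain a JSON object")
    missing = [k for k in required if not data.get(k)]
    if missing:
        raise CredentialFileError("missing keys: " + ", ".join(missing))
    # Read-only view, so the rest of the code treats the values as constants.
    return MappingProxyType({k: data[k] for k in required})


def demo():
    """Load a constructed credentials file with loose, then owner-only, permissions."""
    with tempfile.TemporaryDirectory() as d:
        cred = Path(d) / "credentials.json"  # constructed sample file
        cred.write_text(json.dumps({"DB_USER": "app", "DB_PASS": "example-only"}))
        os.chmod(cred, 0o644)
        try:
            load_credentials(cred)
            loose = "accepted"
        except CredentialFileError:
            loose = "rejected"
        os.chmod(cred, 0o600)
        return loose, load_credentials(cred)
```

The application code then refers to `creds["DB_USER"]` and `creds["DB_PASS"]` and never contains the values themselves.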
Skill Level Beginner
1. Security Overview
2. General Security Principles
3. Filter Input, Control Output
4. The Most Common Attacks
Next steps (2m 26s)